We performed a comparison between Cortex XDR by Palo Alto Networks and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Trend Micro XDR is commended for its holistic approach to prevention, real-time visualization, and ability to prioritize network-based detection and response. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: Some customers were impressed with Palo Alto's support, while others reported mixed experiences. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer Cortex XDR over Trend Micro XDR. Cortex XDR offers a robust and user-friendly platform with advanced features like threat identification and detection and seamless integration with other solutions. Users appreciate the simplicity and efficiency of its installation process. Trend Micro XDR falls short in terms of integration capabilities and receives mixed reviews regarding technical support.
"The advantage Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The comprehensiveness of Microsoft's threat detection is good."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"Has great threat detection capabilities."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."
"Being a cloud solution, it is very flexible in serving internal and external connections and a broad range of devices."
"The user interface of the solution is sophisticated and straightforward."
"The initial setup is easy."
"Scaling is not a problem at all."
"We've found the pricing to be reasonable."
"It helps us with investigations."
"We can scale the product as needed."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"I appreciate the value of real-time activity monitoring."
"I'm satisfied with the level of coverage. The policies have been very useful and detailed."
"I like Vision One's workbench. It provides helpful logs that I can search, and the telemetry is excellent because I can see what's happening during an attack or potential attack."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender, it would be helpful to use a different format so we can customize the platform."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Managing the product should be easier."
"When it comes to core analysis and security analysis, Cortex needs to provide more information."
"The connection to the internet has not performed as expected."
"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"The licensing model is complex to understand. It requires expertise to explain how the licensing works. You need expertise to guide you through the subscription plan."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"They should increase their potential for third-party integrations."
"An area for improvement is Trend Micro XDR's website. It's a very complicated website, since finding the right point one wants to see is difficult."
"The solution could always be made to be more secure."
"The price could be lower."
"The solution lacks compatibility with other products. It needs to integrate better with other surrounding solutions."
"We've received some mild complaints that the documentation is sometimes not up to date."
"Trend Micro doesn't have the next-generation firewall."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Wazuh.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.